Pam Ssh : Security Vulnerabilities, CVEs,
The auth_via_key function in pam_ssh.c in pam_ssh before 1.92, when the allow_blank_passphrase option is disabled, allows remote attackers to bypass authentication restrictions and use private encryption keys requiring a blank passphrase by entering a non-blank passphrase.
Max CVSS
6.4
EPSS Score
4.43%
Published
2007-02-08
Updated
2011-03-08
1 vulnerabilities found